Unrated severityNVD Advisory· Published Apr 3, 2007· Updated Jun 16, 2026
CVE-2007-1840
CVE-2007-1840
Description
lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters in LDAP data, which allows remote attackers to have an unknown impact, probably cross-site scripting (XSS).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:ldap_account_manager:ldap_account_manager:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ldap_account_manager:ldap_account_manager:*:*:*:*:*:*:*:*range: <=1.0_rc2
- (no CPE)range: <1.3.0
Patches
Vulnerability mechanics
References
8- lam.cvs.sourceforge.net/lam/lam/lib/modules.incnvdPatch
- lam.sourceforge.net/changelog/index.htmnvdVendor Advisory
- secunia.com/advisories/24687nvd
- secunia.com/advisories/25157nvd
- www.securityfocus.com/bid/23190nvd
- www.us.debian.org/security/2007/dsa-1287nvd
- www.vupen.com/english/advisories/2007/1149nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/33307nvd
News mentions
0No linked articles in our index yet.